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DETAILED ACTION 
Response to Amendment 

1 . This action is in response to the communication dated May 8, 2006 with the 
cancellation of claims 1-43 and the amendments to claims 52, 54 and 57. 

2. Claims 44-64 are pending. 

3. The objection of claim 54 and the 35 U.S.C 112, second paragraph rejection of 
claim 57 have been withdrawn due to their appropriate corrections. 

Response to Arguments 

4. Applicant's arguments filed on May 8, 2006 have been fully considered. The 
office regrets "determine an actual module configuration" is disclosed by Drews' Figure 
4 on the previous Office action (page 3, section 8, lines 8-9) was cited by mistake. 
Figure 4 (or Fig. 3, step 1 13) is relied on for the teaching of a stored module 
configuration which was addressed on the previous Office action (page 3, section 8, line 
4) as col. 3, line 9, lines 17-18. The result of Fig. 3, steps 114-116 is relied on for the 
teaching of an actual module configuration, the step of comparing the actual module 
configuration against the stored module configuration is anticipated in Fig. 3, step 117 
(or Fig. 5) in particular, in Fig. 5, step 207, if the comparison result is not equal, then the 
modification request is rejected (i.e. new or modified configuration data is rejected, 
therefore the computer stops operating under the new/modified/actual configuration 
data). 

Claim Rejections - 35 USC § 103 
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5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

6. Claims 44-47, 50, 52-53 and 58 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Drews (6,539,480) in view of Selitrennikoff et al. (6,209,089). 

a) As to claims 44 and 52, Drews discloses a method and apparatus for 
securely transferring trust from a current trusted authority to a new trusted authority in a 
computing system comprising storing a module configuration of the computer apparatus 
(col. 3, line 9, 17-18); the trusted device performing a cryptographic identification 
process for modules with a cryptographic identity to identify them (Fig. 2, element 106; 
col. 4, lines 43-46; Fig. 3, element 114-116) and thereby determine an actual module 
configuration (Fig. 4); the trusted device comparing the actual module configuration 
against the stored module configuration (Fig. 3, element 117); and the trusted device 
inhibiting function of the computer apparatus while the actual module configuration does 
not satisfactorily match the stored module configuration (Fig. 5, element 210). 

Drews does not expressly disclose a module configuration providing an 
identification of each functional module in the computer apparatus. 

Selitrennikoff discloses a method and system for adjusting an operating system 
configuration according to changes in hardware components comprising a module 
configuration providing an identification of each functional module in the computer 
apparatus (col. 13, lines 20-24; Fig. 3, element 40). 
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It would be obvious to one of ordinary skill in the art at the time of the invention to 
employ the use of having a module configuration providing an identification of each 
functional module in the computer apparatus in the system of Drews as Selitrennikoff 
teaches so as to accurately verify the functional modules. 

b) As to claim 45, Drews discloses the stored module configuration is held 
separately from the computing apparatus (i.e. over the network, col. 3, lines 34-36). 

c) As to claims 46-47 and 58, Drews discloses the stored module 
configuration is stored such that it is accessible only by a cryptographic authentication 
process (this claimed limitation is addressed in the above claim 1 , Drews discloses the 
validation and authentication process with the use of public/private key, hashing and 
digital signature. 

d) As to claim 50, please see the addressed above claim 44. 

e) As to claim 53, the claimed limitations are addressed in the above claims 
45 and 46. 

7. Claims 54-56 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Herzi et al. (6,353,885) in view of Selitrennikoff et al. (6,209,089). 

a) As to claim 54, Herzi discloses a system and method for providing BIOS 
level user configuration of a computer system where the smart card (i.e. a security 
token) contains BIOS level settings (i.e. stored module configuration, col. 3, lines 54-57; 
col. 3, lines 5-13) and adapts to provide the stored module configuration to the 
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computer apparatus to allow comparison between an actual module configuration of the 
computer apparatus and the stored module configuration (Fig. 3, element 78). 

Herzi does not expressly disclose the stored module configuration providing an 
identification of each function module. 

Selitrennikoff discloses a method and system for adjusting an operating system 
configuration according to changes in hardware components comprising a module 
configuration providing an identification of each functional module in the computer 
apparatus (col. 13, lines 20-24; Fig. 3, element 40). 

It would be obvious to one of ordinary skill in the art at the time of the invention to 
employ the use of having a module configuration providing an identification of each 
functional module in the computer apparatus in the system of Herzi as Selitrennikoff 
teaches so as to accurately verify the functional modules. 

b) As to claim 55, the examiner takes official notice that storing information in 
an encrypted form is quite well known in the data encryption art. 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to employ the use of storing the stored module configuration in an encrypted 
form in the system of Herzi and Selitrennikoff so as to securely protect the configuration 
data. 

c) As to claim 56, Herzi discloses the security token is a smart card (Fig. 1 , 
element 28). 
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8. Claims 48-49, 57, 59 and 60-63 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Drews (6,539,480) in view of Selitrennikoff et al. (6,209,089) and 
further in view of Herzi et al. (6,353,885). 

a) As to claim 57, Drews discloses a method and apparatus for securely 
transferring trust from a current trusted authority to a new trusted authority in a 
computing system comprising storing a module configuration of the computer apparatus 
(col. 3, line 9, 17-18); checking the actual module configuration against the stored 
module configuration (Fig. 3, element 117); and inhibiting function of the computer 
apparatus if the actual module configuration does not satisfactorily match the stored 
module configuration (Fig. 5, element 210). 

Drews does not expressly disclose a module configuration providing an 
identification of each functional module in the computer apparatus. 

Selitrennikoff discloses a method and system for adjusting an operating system 
configuration according to changes in hardware components comprising a module 
configuration providing an identification of each functional module in the computer 
apparatus (col. 13, lines 20-24; Fig. 3, element 40). 

It would be obvious to one of ordinary skill in the art at the time of the invention to 
employ the use of having a module configuration providing an identification of each 
functional module in the computer apparatus in the system of Drews as Selitrennikoff 
teaches so as to accurately verify the functional modules. 
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Drews and Selitrennikoff do not expressly disclose storing a module configuration 
of the computer apparatus on a security token removably attachable to the computer 
apparatus. 

Herzi discloses a system and method for providing BIOS level user configuration 
of a computer system where the smart card (i.e. a security token) contains BIOS level 
settings (i.e. stored module configuration, col. 3, lines 54-57; col. 3, lines 5-13). 

It would be obvious to one of ordinary skill in the art at the time of the invention to 
employ the use of storing a module configuration on a security token in the system of 
Drews and Selitrennikoff so as to flexibly provide a user configuration in a multi-user 
computer system environment. 

b) As to claim 59, Drews discloses the computer apparatus contains a 
trusted device (i.e. security module, Fig. 1, element 30) adapted to respond to a user in 
a trusted manner and the trusted device is adapted to perform the step of checking the 
actual module configuration against the stored module configuration (Fig. 3, element 
117). 

c) As to claims 48-49 and 60-63, please see the addressed above claim 57. 

9. Claims 51 and 64 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Drews (6,539,480) in view of Selitrennikoff et al. (6,209,089) in view of Herzi et al. 
(6,353,885) and further in view of Muftic (5,943,423). 

Herzi discloses the module configuration is held by a remote module validation 
authority, however Drews and Herzi do not disclose the remote validation authority 
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provides a service allowing a replacement security token to be provided if a security 
token is lost or stolen. 

Muftic discloses applications of the smart card technology to computer and 
network access, software distribution comprising a service allowing a replacement 
security token to be provided if a security token is lost or stolen (col. 6, lines 50-56). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to employ the use of replacing lost or stolen security token as Muftic teaches 
in the system of Drews, Selitrennikoff and Herzi so as not to disrupt the smart card 
services. 



Conclusion 

THIS ACTION IS MADE FINAL Applicant is reminded of the extension of time policy 
as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Minh Dieu Nguyen whose telephone number is 571-272- 
3873. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel Moise can be reached on 571-272-3865. The fax phone number 
for the organization where this application or proceeding is assigned is (571) 273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov . Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). 
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